Y
Hacker News
new
|
ask
|
show
|
jobs
by
champtar
206 days ago
CAP_NET_RAW also allow to capture packets (tcpdump) so you really can have some fun like running a TCP stack in user space or MITM http connections:
https://blog.champtar.fr/IPv6_RA_MITM/
/
https://blog.champtar.fr/Metadata_MITM_root_EKS_GKE/